w3cping / blog-posts

Blog posts (in progress and published) for W3C's Privacy Interest Group (PING)

[adding a permission] Consider the range of possible misuses #9

Closed wseltzer closed 5 years ago

wseltzer commented 5 years ago

Nice write-up! In section 3, "What capabilities are implicated by the resource, sensor or functionality that you're adding?" you might add "Put yourself in the shoes of a malicious actor to consider the range of possible misuses of the feature. Would the web better serve user expectations if the feature were unavailable to invisible 'drive-by' use?"

npdoty commented 5 years ago

Updated to include the consider-the-malicious-actor point as an example of deciding the unexpected inferences of a capability.

I didn't add the invisible/drive-by case because these questions are for when we're designing a feature that the designer thinks needs a permission.